<?php

session_start();
include_once 'conectar_bd.php';
$base=  conectar_solo_lectura();

if($_SERVER["REQUEST_METHOD"] == "POST"){


    $usr=addslashes($_POST['usuario']); 
    $pass=addslashes($_POST['password']); 


    $sql="SELECT usuario, password FROM admin_user WHERE usuario='$usr'";
    $results = $base->query($sql);
    $row=$results->fetchArray();
    if(sizeof($row)==1){
        echo "el usuario no existe";
    }else{
        
        $pass_tabla=$row['password'];
        if(sha1($pass)==$pass_tabla)
        {
            $_SESSION['login_user']=$usr;
            echo "logueado";
        }
        else 
        {
            echo "password inválido";
        
        }
    }
}
?>